NIAP: Archived U.S. Government Approved Protection Profile - Protection Profile for Network Devices Version 1.0
NIAP/CCEVS

Short Name: pp_nd_v1.0

Technology Type: Network Device

CC Version: 3.1

Date: 10 December 2010

Sunset Date: 12 June 2012 [Sunset Icon]

Conformance Claim: US Standard - EAL1

 

PP OVERVIEW

This Protection Profile (PP), “U.S. Government Approved Protection Profile - Security Requirements for Network Devices,” describing security requirements for a Network Device (defined to be an infrastructure device (as opposed to an end-user device) that can be connected to a network), is intended to provide a minimal, baseline set of requirements that are targeted at mitigating well defined and described threats. It represents an evolution of “traditional” Protection Profiles and the associated evaluation of the requirements contained within the document. This introduction will describe the features of a compliant TOE, and will also discuss the evolutionary aspects of the PP as a guide to readers of the document.

SECURITY EVALUATION SUMMARY

This Protection Profile (PP), describing security requirements for a Network Device (defined to be an infrastructure device (as opposed to an end-user device) that can be connected to a network), is intended to provide a minimal, baseline set of requirements that are targeted at mitigating well defined and described threats. It represents an evolution of “traditional” Protection Profiles and the associated evaluation of the requirements contained within the document.

Compliant TOEs will provide security functionality that addresses threats to the TOE and implements policies that are imposed by law or regulation. Compliant TOEs must protect communications to and between elements of a distributed TOE (e.g., between a network IDS sensor and the centralized IDS manager) or instantiations of the TOE in a single enterprise (e.g., between routers). The TOE must offer identification and authentication services that support the composition of moderate complex passwords or passphrases, and make these services available locally (that is, a local logon) as well as remotely (remote login). The TOE must also offer auditing of a set of events that are associated with security-relevant activity on the TOE, although these events will be stored on a device that is distinct from the TOE. The TOE must offer some protection for common network denial of service attacks and some separation of administrative roles. The TOE must also provide the ability to verify the source of updates to the TOE.

ENVIRONMENTAL STRENGTHS

ASSURANCE MAINTENANCE

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

This U.S. Government Approved Protection Profile does not have any related Technical Decisions

Please forward any questions or comments to pp-comments@niap-ccevs.org

Site Map              Contact Us              Home